<?php
/*
	Copyright 2006, 2007, 2008, 2009, 2010 Bastiaan Grutters
    
    This file is part of Ages of Strife website.

    Ages of Strife website is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    Ages of Strife website is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with Ages of Strife website.  If not, see <http://www.gnu.org/licenses/>.
 */
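include_once( "../global/utils.php" );

// Every registration field is untrusted POST data. A field that is absent, or
// that was submitted as an array (username[]=x), is normalised to an empty
// string before it reaches the sanitisers, so they always receive a string and
// the request fails the length checks further down instead of raising notices.
// NOTE(review): formatInput() and formatEmail() are defined in utils.php and are
// not visible here; what they strip or escape should be confirmed before
// relying on them as the only filter in front of SQL, mail() or HTML output.
$username = formatInput( ( isset( $_POST[ 'username' ] ) && is_string( $_POST[ 'username' ] ) ) ? $_POST[ 'username' ] : '' );
$password = formatInput( ( isset( $_POST[ 'password' ] ) && is_string( $_POST[ 'password' ] ) ) ? $_POST[ 'password' ] : '' );
$email = formatEmail( ( isset( $_POST[ 'email' ] ) && is_string( $_POST[ 'email' ] ) ) ? $_POST[ 'email' ] : '' );
$password_confirm = formatInput( ( isset( $_POST[ 'password2' ] ) && is_string( $_POST[ 'password2' ] ) ) ? $_POST[ 'password2' ] : '' );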

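// Raw submitted values, used only to detect whether sanitising altered the
// input. Missing or non-string fields count as empty so they cannot raise
// notices or bypass the comparisons.
$raw_username = ( isset( $_POST[ 'username' ] ) && is_string( $_POST[ 'username' ] ) ) ? $_POST[ 'username' ] : '';
$raw_password = ( isset( $_POST[ 'password' ] ) && is_string( $_POST[ 'password' ] ) ) ? $_POST[ 'password' ] : '';
$raw_email = ( isset( $_POST[ 'email' ] ) && is_string( $_POST[ 'email' ] ) ) ? $_POST[ 'email' ] : '';

// Validation chain: the first failing rule sets $message and nothing is written
// to the database. Only the final else branch creates an account.
if( strlen( $username ) != strlen( $raw_username ) ) {
	$message = "Your username contained invalid characters.";
}
elseif( strlen( $password ) != strlen( $raw_password ) ) {
	$message = "Your password contained invalid characters.";
}
// CR/LF is rejected explicitly because $email is handed to mail() as the
// recipient; a line break there could add headers to the outgoing message.
elseif( strlen( $email ) != strlen( $raw_email ) || strpbrk( $email, "\r\n" ) !== false ) {
	$message = "Your e-mail address contained invalid characters.";
}
elseif( strlen( $email ) < 3 ) {
	$message = "Please fill in an e-mail address.";
}
elseif( strlen( $username ) < 4 ) {
	$message = "Your username is too short (minimum of 4 characters).";
}
// NOTE(review): a 4-character minimum is a very weak password policy.
elseif( strlen( $password ) < 4 ) {
	$message = "Your password is too short (minimum of 4 characters).";
}
// Strict comparison: with != PHP compares numeric-looking strings as numbers,
// so "1e3" and "1000" would be accepted as matching passwords.
elseif( $password !== $password_confirm ) {
	$message = "Your passwords do not match.";
}
else {
	include_once ( "old_database_connection.php" );

	// NOTE(review): every query below reports mysql_error() to the visitor via
	// die(). That exposes schema and query details; log the error server-side
	// and show a generic message instead.
	// NOTE(review): ext/mysql has no prepared statements and was removed in
	// PHP 7. Values are escaped with mysql_real_escape_string() here; moving to
	// mysqli or PDO with bound parameters is the durable fix.

	// The language is taken from the languages table, never from the request:
	// the submitted value is only used to pick a matching row, with 'en' as the
	// fallback.
	$language = 'en';
	$query5 = "SELECT language, title " .
			"FROM languages " .
			"ORDER BY title";
	$result5 = mysql_query( $query5 ) or die( "Query failed : " . mysql_error() );
	$num5 = mysql_num_rows( $result5 );
	if( isset( $_POST[ 'language' ] ) ) {
		for( $i = 0; $i < $num5; $i ++ ) {
			if( $_POST[ 'language' ] == mysql_result( $result5, $i, 'language' ) ) {
				$language = mysql_result( $result5, $i, 'language' );
				break;
			}
		}
	}

	// Escape once, after the connection exists, and use only the escaped copies
	// inside SQL strings. For input that contains no quote or backslash this is
	// a no-op, so it does not change what gets stored.
	$username_sql = mysql_real_escape_string( $username );
	$email_sql = mysql_real_escape_string( $email );
	$language_sql = mysql_real_escape_string( $language );

	$query = "SELECT count(*) " .
			"FROM users " .
			"WHERE username = '" . $username_sql . "'";
	$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
	$row = mysql_fetch_array( $result, MYSQL_ASSOC );

	// NOTE(review): the two "already in use" messages below let anyone confirm
	// whether a given username or e-mail address is registered.
	if( $row[ 'count(*)' ] == 0 ) {
		$query = "SELECT count(*) " .
				"FROM users " .
				"WHERE email = '" . $email_sql . "'";
		$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
		$row = mysql_fetch_array( $result, MYSQL_ASSOC );

		if( $row[ 'count(*)' ] == 0 ) {
			$query = "SELECT gameurl " .
					"FROM game";
			$result = mysql_query( $query ) or die( "Query failed : " . mysql_error() );
			$row = mysql_fetch_array( $result, MYSQL_ASSOC );
			$siteUrl = $row[ 'gameurl' ];

			// The activation code is what the mailed link carries, so it must
			// not be guessable. It is drawn from a CSPRNG (16 bytes, 32 hex
			// characters) rather than derived from the clock, which anyone who
			// knows roughly when the account was created could reproduce.
			// If no secure source is available the request fails closed.
			if( function_exists( 'random_bytes' ) ) {
				$verification_code = bin2hex( random_bytes( 16 ) );
			}
			elseif( function_exists( 'openssl_random_pseudo_bytes' ) ) {
				$crypto_strong = false;
				$random = openssl_random_pseudo_bytes( 16, $crypto_strong );
				if( $random === false || !$crypto_strong ) {
					die( "Registration is temporarily unavailable." );
				}
				$verification_code = bin2hex( $random );
			}
			else {
				die( "Registration is temporarily unavailable." );
			}

			$title = 'Ages of Strife: registration confirmation';
			$mail = "Hi,\n" .
					"\n" .
					"You just registered an account on Ages of Strife. To complete your registration follow this link:\n" .
					"\n" .
					$siteUrl . "/global/email_verification.php?code=$verification_code\n" .
					"\n" .
					"Or copy this code and paste it in the confirmation code box on the confirmation page:\n" .
					"Code: $verification_code\n" .
					$siteUrl . "/global/email_verification.php\n\n" .
					"Thanks,\n" .
					"The Ages of Strife Team";
			// The sender domain is derived from the stored site URL by dropping
			// the scheme; it is not taken from the request.
			$domain = str_replace( 'http://', '', $siteUrl );
			$domain = str_replace( 'https://', '', $domain );
			$header = 'From: no-reply@' . $domain . "\r\n" .
						'Reply-To: no-reply@' . $domain . "\r\n" .
						'X-Mailer: PHP/' . phpversion();
			// The account row is only written once the mail was accepted for
			// delivery.
			if( mail( $email, $title, $mail, $header ) ) {
				// NOTE(review): crypt() without a salt argument yields a weak hash
				// and is rejected by PHP 8. password_hash() is the replacement,
				// but its output is longer and the login check is not visible
				// here, so the column width and verifier must be confirmed first.
				$password_sql = mysql_real_escape_string( crypt( $password ) );
				$query = "INSERT INTO users ( username, password, email, language, activation_code, verified ) " .
						"VALUES ( '$username_sql', '$password_sql', '$email_sql', '$language_sql', '$verification_code', 0 )";
				$result = mysql_query( $query ) or die( "Query failed : ". mysql_error() );
				header( 'Location: email_verification.php' );
			}
			else {
				$message = 'There was a problem sending the confirmation email, please verify your email address.';
			}
		}
		else {
			$message = "This e-mail address is already in use, please try a different one.";
		}
	}
	else {
		$message = "This username already exists, please choose a different one.";
	}
}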

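// On any validation or delivery failure, send the visitor back to the form with
// the error text and the values to refill. The password is never echoed back.
if( isset( $message ) ) {
	// Each value is percent-encoded separately so that spaces, '&', '=' or '#'
	// inside the username or e-mail address cannot add or overwrite query
	// parameters in the redirect target.
	// NOTE(review): register.php is not visible here; it must HTML-escape
	// message, username and email when it prints them, since all three arrive
	// in the URL and can be set by whoever crafts the link.
	header( 'Location: ../register.php?message=' . urlencode( $message ) .
			'&username=' . urlencode( $username ) .
			'&email=' . urlencode( $email ) );
	// Stop here so nothing else runs or is emitted after the redirect.
	exit;
}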
